RE: [squid-users] Blocking Yahoo! & MSN Messengers thru Squid.

From: G Welter <G.Welter@dont-contact.us>
Date: Tue, 04 Mar 2003 14:10:43 +0100

Hi.

For all who have contacted me directly or for anyone who's interested. Here are the mime-type's we block in our environment:

^application/x-msn-messenger$
^app/x-hotbar-xip20$
^application/x-icq$
^AIM/HTTP$
^application/x-comet-log$

There are probably lots more similar mime-type's, but these ar ethe ones we've come across most. It doesn't prevent applications from getting installed, but it does render them useless.

Gerben.

>>> "Kirk Ty" <KirkTy@ivestafinancial.com> 03-03-03 16:43 >>>
This will fix your issues. Will block IM but not yahoo mail or hotmail.

squid.conf
acl AOL-YAHOO-MESSENGER dstdomain login.oscar.aol.com
acl AOL-YAHOO-MESSENGER dstdomain pager.yahoo.com
acl AOL-YAHOO-MESSENGER dstdomain shttp.msg.yahoo.com
acl AOL-YAHOO-MESSENGER dstdomain update.messenger.yahoo.com
acl AOL-YAHOO-MESSENGER dstdomain update.pager.yahoo.com
acl MSN-MESSENGER dst 64.4.13.0/255.255.255.0
acl MSN-MESSENGER dst 207.46.110.0/255.255.255.0

http_access deny AOL-YAHOO-MESSENGER
http_access deny MSN-MESSENGER

-hup it when finished.

Will speed up your proxy tremendously....or at least that's what I saw once
I did it. Doesn't make people too happy, but that's life.

> -----Original Message-----
> From: SSCR Internet Admin [mailto:admin@sscrmnl.edu.ph]
> Sent: Monday, March 03, 2003 2:12 PM
> To: Squid@Compucenter.org; Squid-Users
> Subject: RE: [squid-users] Blocking Yahoo! & MSN Messengers thru
> Squid.
>
> have you tried blocking it on iptables? port 5101 is the one that msn msgr
> is using...
>
> -----Original Message-----
> From: Georges J. Jahchan, Eng. [mailto:Squid@Compucenter.org]
> Sent: Saturday, March 01, 2003 4:20 PM
> To: Squid-Users
> Subject: [squid-users] Blocking Yahoo! & MSN Messengers thru
> Squid.
>
> Trying to block Yahoo! Messenger & MSN Messenger without disallowing
> connections to TCP ports 443 & 563 or blocking Yahoo! Mail and HotMail in
> squid v2.5 stable1.
> Following is the interesting part in squid.conf:
> acl SSL_ports port 443 563
> acl CONNECT method CONNECT
> http_access deny CONNECT !SSL_ports
> In the access log, I see the following:
> 1046394571.141 9423 127.0.0.1 TCP_MISS/200 2755 CONNECT
> loginnet.passport.com:443 - DIRECT/65.54.228.253 -
> 1045515709.636 12619 127.0.0.1 TCP_MISS/200 15952 CONNECT
> login.yahoo.com:443 - DIRECT/64.58.76.98 -
> My guess is the Messengers would connect through any open port, but
> I have not tested it.
> Obviously, both are working. Blocking access to port 443 is out of
> the question as this disables access to secure web sites through squid.
> Blocking loginnet.passport.com and login.yahoo.com would mean login
> becomes impossible to HotMail and Yahoo! Mail.
> Any ideas on how to "surgically" block the Messengers without
> blocking Yahoo! Mail and HotMail in squid?
> TIA
>
> ---
> Outgoing mail is certified Virus Free.
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.459 / Virus Database: 258 - Release Date: 2/25/2003
>
> --
> This message has been scanned for viruses and
> dangerous contents on SSCR Email Scanner Server, and is
> believed to be clean.
>
>
Received on Tue Mar 04 2003 - 06:11:11 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:13:55 MST